a) you can use default config as a starting point for your changes. And whatever you change, changes are saved permanently unless you do it while safe mode is enabled.
b) depends. If you have a router (which will handle traffic between VLANs), then you shoukd keep using CRS as switch. If you don't have a router, then you can use CRS as router ... but beware that CRS has low routing capacity unless you make sure that your config can utilize L3HW offload
c) nothing is automatic in ROS, you'll have to configure device appropriately. Not a big deal though ...
d) where did you get the Atheros8227 idea? There's a single switch chip in CRS324.
e) if you omit ether1 interface from bridge ports and configure management IP address on it, then it'll be isolated from "traffic VLANs" just fine. It is quite usual to also have a management VLAN as well (as in-band management) and the (external) firewall ensures enforcement of access policy.
b) depends. If you have a router (which will handle traffic between VLANs), then you shoukd keep using CRS as switch. If you don't have a router, then you can use CRS as router ... but beware that CRS has low routing capacity unless you make sure that your config can utilize L3HW offload
c) nothing is automatic in ROS, you'll have to configure device appropriately. Not a big deal though ...
d) where did you get the Atheros8227 idea? There's a single switch chip in CRS324.
e) if you omit ether1 interface from bridge ports and configure management IP address on it, then it'll be isolated from "traffic VLANs" just fine. It is quite usual to also have a management VLAN as well (as in-band management) and the (external) firewall ensures enforcement of access policy.
Statistics: Posted by mkx — Sun Dec 31, 2023 12:07 pm